EUVD-2023-54444

Malicious code in bioql PyPI...

EUVD-2023-54445

Malicious code in bioql PyPI...

CVE-2023-4591

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

CVE-2023-4591

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

CVE-2023-4592

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVE-2023-4592

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

Remote file inclusion

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

Cross site scripting

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVE-2023-4592 Improper Neutralization of Input During Web Page Generation in WPN-XM Serverstack

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVE-2023-4592

CVE-2023-4592 concerns WPN-XM Serverstack 0.8.6. The vulnerability is a Cross-Site Scripting flaw allowing a remote attacker to send a crafted JavaScript payload via the "/tools/webinterface/index.php" parameter to access an authenticated user’s cookie/session information, enabling session hijack...

CVE-2023-4592 Improper Neutralization of Input During Web Page Generation in WPN-XM Serverstack

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an...

CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack

A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...

PT-2023-29763 · Unknown · Wpn-Xm Serverstack

Name of the Vulnerable Software and Affected Versions: WPN-XM Serverstack version 0.8.6 Description: A local file inclusion issue has been found, allowing an unauthenticated user to perform a local file inclusion via the "/tools/webinterface/index.php?page" parameter by sending a GET request. Thi...

PT-2023-29766 · Unknown · Wpn-Xm Serverstack

Name of the Vulnerable Software and Affected Versions: WPN-XM Serverstack version 0.8.6 Description: A Cross-Site Scripting issue has been detected in WPN-XM Serverstack. This issue could allow a remote attacker to send a specially crafted JavaScript payload through the...

WPN-XM Serverstack Security Vulnerability

WPN-XM Serverstack is a server stack from the WPN-XM organization for developing PHP on Windows. A security vulnerability exists in WPN-XM Serverstack version 0.8.6, which stems from the presence of a local file inclusion vulnerability that could result in loading PHP files on the server, which...

WPN-XM Serverstack For Windows 0.8.6 XSS / LFI / Traversal

Exploit Title: WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities Discovery by: Rafael Pedrero Discovery Date: 2022-02-13 Vendor Homepage: http://wpn-xm.org/ Software Link : https://github.com/WPN-XM/WPN-XM/ Tested Version: 0.8.6 Tested on: Windows 10 using XAMPP Vulnerability Type:...

WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery

No description provided by source...

WPN-XM Serverstack Cross-Site Request Forgery Vulnerability

WPN-XM is provided to the win platform under the PHP development of open source web server solutions. A cross-site request forgery vulnerability exists in WPN-XM Serverstack. The attacker constructs a malicious website and the victim clicks on the malicious website link to visit it...

WPN-XM 0.8.6 Cross Site Scripting

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WPNXM-XSS.txt Vendor: =========== wpn-xm.org Product: ======== WPN-XM Serverstack for Windows - Version 0.8.6 WPN-XM is a free and open-source web server solution stack for professional PHP...